Opened 14 years ago
Last modified 14 years ago
#7441 new enhancement
Expose "--vrdpaddress 127.0.0.1" in the GUI
| Reported by: | mh | Owned by: | |
|---|---|---|---|
| Component: | RDP | Version: | VirtualBox 3.2.8 |
| Keywords: | Cc: | ||
| Guest type: | other | Host type: | other |
Description
RDP is not just for remote access but also for local, headless machines. So it would be great to add a very simple "restrict to local host" checkbox in the Remote Display configuration tab. This checkbox would just configure "--vrdpaddress" to "127.0.0.1", for obvious security benefits.
I realize this feature is already available on the command line but having it exposed in the GUI would make a lot more of people using it, making VirtualBox a generally more secure product.
A more advanced (and maybe overkill) variant of this feature would let the user bind not just to its loopback interface but to any of its network interfaces.
Change History (2)
follow-up: 2 comment:1 by , 14 years ago
comment:2 by , 14 years ago
Frank, thanks for considering this request.
Replying to frank:
He has several capabilities to do so: Adjust the local firewall rules,...
Firewalls are an order of magnitude more complicated than binding. Complexity is bad for security since it is error-prone. Experience shows that most people do not understand firewalling, even many IT people. Thus this request.
We could add a field VRDP address to the VM GUI settings but we normally don't expose every VM setting to the GUI, only the important ones.
Understood.
Having a simple checkbox (restrict to locahost) is not possible because that wouldn't catch more sophisticated settings done with VBoxManage.
Is this essentially about how to display in the GUI values that cannot be set in the GUI?
I understand this feature request but the user who enables a remote desktop protocol should be aware that he opens a potential security hole and he should therefore take the required actions to block access from non-authorized users. He has several capabilities to do so: Adjust the local firewall rules, adjust the VM RDP auth type (--vrdpauthtype), adjust the IP at which the RDP server listens.
We could add a field VRDP address to the VM GUI settings but we normally don't expose every VM setting to the GUI, only the important ones. Having a simple checkbox (restrict to locahost) is not possible because that wouldn't catch more sophisticated settings done with VBoxManage.